Many businesses and other organizations rely upon multiple computer systems that each support either a mainframe or an alternative computer operating environment. Mainframe computer systems typically support legacy applications created before the development and wide-spread deployment of distributed computing architectures. These legacy applications provide mainframe users with access to vast quantities of information typically stored in large shared databases. After the user provides a password to gain access to the mainframe operating environment, the user may be presented with a list of applications the user is entitled to access. The user may need to supply an additional password to use one or more of these applications, or may be able to use some or all of the applications without providing an additional password or other security information. In contrast to mainframe computer systems, alternative platform computer systems such as client-server networks typically rely on a distributed computing architecture in which one or more servers control network traffic and manage network devices, such as storage devices or printers, while each client supports user applications. An alternative platform user provides a password to gain access to a particular client computer, rather than an associated server, and typically must provide an additional password or other security information to access particular applications supported on the client computer. By integrating mainframe and alternative platform computer systems, businesses and other organizations may provide users with access to applications and data through either a mainframe or alternative platform client computer, depending on the location of these users and other factors.
As computer systems and the information needs of users continue to become increasingly complex and geographically distributed, security issues have become increasingly important. Although both mainframe and alternative platform computer systems require a user to provide a password to access associated applications and data, these systems often use different command formats, password rules, and procedures for changing passwords. As a result, many users must enter one user password to access the mainframe operating environment and one or more user passwords to access each alternative operating environment, while maintaining all such passwords in their memory or in their records. Furthermore, since users frequently forget at least one of their multiple passwords, demand on help desk and other administrative services to change or bypass the forgotten passwords may be substantially increased.
Even if a user were able to adopt a single password suitable for both mainframe and alternative computer systems, a user may elect to change his or her password. In addition, security software typically requires a user to periodically change his or her password. Thus, even if the user has a single password suitable for all mainframe and alternative platform computer systems, the user must personally synchronize, after each change election and at each required change interval, the user password between the various operating environments by submitting and validating a new password at the mainframe client computer and at each alternative platform client computer the user wishes to access. This process is inconvenient, inefficient, time-consuming, and often ineffective since users may neglect to enter the new password in every operating environment to which they may need access.
Some mainframe computer systems synchronize passwords between different mainframe platforms within a mainframe operating environment by broadcasting a password change made in connection with one mainframe platform to some or all of the other mainframe platforms. This technique, however, does not synchronize passwords between mainframe and alternative platform computer systems, which may have vastly different command formats and password rules. Furthermore, because many alternative platform computer systems are widely distributed, involving a large number of client and server computers, even extending this technique to include broadcasting each password change from the mainframe platform throughout each alternative operating environment would overburden the mainframe platform due to the tremendous amount of message traffic. Thus, businesses and other organizations have been unable to efficiently and effectively integrate mainframe and alternative platform computer systems in a secured environment supporting password synchronization.